Atlas Oil: The Consequences of a Ransomware Attack
June 25, 2024 | Arthur Erzberger
Overview: Atlas Oil, a major player in the oil and fuel distribution industry, ...
Cyber Exterminators: Monitoring the Shop Floor with OT Security
June 03, 2024 | David Broggy
Pressure is increasing on manufacturers to monitor their shop floors for ...
Cracking Into Password Requirements
April 16, 2024 | Ethan Wilkins
This blog post discusses new hashcat rule sets designed to crack passwords with ...
Financially Motivated Criminal Group Targets Telecom, Technology & Manufacturing
September 20, 2023 | Stroz Friedberg DFIR
This client advisory provides an overview of techniques and tactics attributed ...
Mac systems turned into proxy exit nodes by AdLoad
August 10, 2023 | Fernando Martinez
AdLoad malware is still infecting Mac systems years after its first appearance ...
Cybersecurity in the Healthcare Industry: Trustwave SpiderLabs Report
July 13, 2023 | SpiderLabs Researcher
In their latest report titled "Cybersecurity in the Healthcare Industry: ...
Command Injection and Buffer Overflow in Multiple Sharp NEC Displays
July 06, 2022 | Howard McGreehan
CVE-2021-20698, CVE-2021-20699: Command Injection and Buffer Overflow ...
Command Injection in Multiple Snap One Araknis Networks Products
June 07, 2022 | Howard McGreehan
CVE-2021-40144, CVE-2021-40844, CVE-2021-42661: Command Injection ...
Yours Truly, Signed AV Driver: Weaponizing an Antivirus Driver
February 26, 2022 | Eduardo Mattos and Rob Homewood
In 2021, Stroz Friedberg observed novel indicators of compromise (IOCs) and a ...
Introducing D-Modem: A software SIP modem
October 29, 2021 | Dan Bastone
Connect to dialup modems over VoIP using SIP, no modem hardware required.
CVE-2021-1825: Inadequate Input Encoding in WebKit
October 25, 2021 | Alex Camboe
In August 2020, Stroz Friedberg discovered and reported to Apple an issue ...
Missing Critical Vulnerabilities Through Narrow Scoping
September 16, 2021 | John Anderson
The typical process when scoping a penetration test is to get a list of targets ...
PRISM attacks fly under the radar
August 23, 2021 | Fernando Dominguez
LevelBlue SpiderLabs has recently discovered a cluster of Linux ELF executables ...
Unauthenticated XXE in Multiple Mitsubishi Electric Air Conditioner Control Systems
July 06, 2021 | Howard McGreehan
CVE-2021-20595: Unauthenticated XXE affecting multiple Mitsubishi Electric Air ...
Red Team Case Study: Bypassing CloudFlare WAF for Successful OGNL Injection
April 17, 2020 | Faisal Tameesh
Bypassing CloudFlare's WAF to exploit an OGNL injection vulnerability in a red ...
CVE-2020-2551: Unauthenticated RCE In Oracle WebLogic
February 04, 2020
Unauthenticated Remote Code Execution in IIOP protocol via Malicious JNDI ...
Remote Code Execution and other Vulnerabilities in WS_FTP Server
September 18, 2019 | Dan Bastone and Devon Greene
CVE-2019-12143, CVE-2019-12144, CVE-2019-12145, CVE-2019-12146: Multiple ...
Hyper-V’s Guest/Host Attack Surface: A Quick Look
August 20, 2019 | Drew Noel
An overview of Hyper-V’s guest/host communications and attack surface.
Unauthenticated Remote Code Execution In Kentico CMS
April 15, 2019 | Manoj Cherukuri
CVE-2019-10068: RCE as Administrator via deserialization vulnerability in ...
Remote Code Execution In BlogEngine.NET
March 28, 2019 | Dustin Cobb
CVE-2019-6714: RCE via path traversal in BlogEngine.NET 3.3.6.0.
CUPS Local Privilege Escalation And Sandbox Escapes
July 11, 2018 | Dan Bastone
CVE-2018-4180, CVE-2018-4182, CVE-2018-4183, CVE-2018-6553, CVE-2018-4181: ...
Jolokia Vulnerabilities – RCE & XSS
April 18, 2018 | Olga Barinova
CVE-2018-1000130, CVE-2018-1000129: Remote Code Execution via JNDI injection ...
Post-Soviet Bank Heists: A Hybrid Cybercrime Study
October 09, 2017
Today we are publishing a SpiderLabs Advanced Threat Report that details a ...
Linux Based Inter-Process Code Injection Without ptrace(2)
September 05, 2017 | Rory McNamara
This article shows a technique to inject code into a Linux process without ...
A Backdoor in Skype for Mac OS X
December 12, 2016 | SpiderLabs Pen Testing LAC
Trustwave recently reported a locally exploitable issue in the Skype Desktop ...
Exploiting Padding Oracle To Gain Encryption Keys
October 26, 2015 | Georg Chalupar
Practical tricks on exploiting a padding oracle vulnerability.
WebLogic SSRF And XSS (CVE-2014-4241, CVE-2014-4210, CVE-2014-4242)
March 30, 2015 | Toby Clarke
CVE-2014-4241, CVE-2014-4210, and CVE-2014-4242: Server-Side Request Forgery ...
Exploiting Integer Based SQL Injection In Nested SQL Queries
October 08, 2013 | Sasha Zivojinovic
SQL injection involving nested queries and arithmetic evaluation.